User ManualTable of ContentsChapter 1. Introduction9About this User Manual9Typographical Conventions10Chapter 2. Configuring Your Network:11LAN Configuration112.1.1 LAN Configuration in an IPv6 Network142.1.2 Configuring IPv6 Router Advertisements17VLAN Configuration192.2.1 Associating VLANs to ports20Configurable Port: DMZ Setup22Universal Plug and Play (UPnP)23Captive Portal25WLAN global configuration252.6.1 Wireless Discovery configuration282.6.2 AP Profile Global Configuration31Chapter 3. Connecting to the Internet: WAN Setup35Internet Setup Wizard35WAN Configuration363.2.1 WAN Port IP address373.2.2 WAN DNS Servers373.2.3 DHCP WAN373.2.4 PPPoE383.2.5 Russia L2TP and PPTP WAN413.2.6 WAN Configuration in an IPv6 Network423.2.7 Checking WAN Status44Features with Multiple WAN Links453.3.1 Auto Failover463.3.2 Load Balancing463.3.3 Protocol Bindings48Routing Configuration493.4.1 Routing Mode493.4.2 Dynamic Routing (RIP)523.4.3 Static Routing53WAN Port Settings54Chapter 4. Monitoring Status and Statistics56System Overview564.1.1 Device Status564.1.2 Resource Utilization58Traffic Statistics604.2.1 Wired Port Statistics60Active Connections614.3.1 Sessions through the controller614.3.2 LAN Clients634.3.3 Active VPN Tunnels63Access Point status64Global Status69Wireless Client Status75AP Management83Associated Client Status/Statistics95Chapter 5. Securing the Private Network97Firewall Rules97Defining Rule Schedules98Configuring Firewall Rules995.3.1 Firewall Rule Configuration Examples103Security on Custom Services107ALG support107VPN Passthrough for Firewall108Application Rules109Web Content Filtering1105.8.1 Content Filtering1105.8.2 Approved URLs1115.8.3 Blocked Keywords1125.8.4 Export Web Filter113IP/MAC Binding1145.10 Protecting from Internet Attacks115Chapter 6. IPsec / PPTP / L2TP VPN117VPN Wizard119Configuring IPsec Policies1216.2.1 Extended Authentication (XAUTH)1246.2.2 Internet over IPSec tunnel124Configuring VPN clients125PPTP / L2TP Tunnels1256.4.1 PPTP Tunnel Support1256.4.2 L2TP Tunnel Support1276.4.3 OpenVPN Support128Chapter 7. SSL VPN131Groups and Users1337.1.1 Users and Passwords139Using SSL VPN Policies1407.2.1 Using Network Resources143Application Port Forwarding144SSL VPN Client Configuration1467.4.1 Creating Portal Layouts148Chapter 8. Advanced Configuration Tools151USB Device Setup151Authentication Certificates152WIDS Security154WIDS AP configration154WIDS Client Configuration157Chapter 9. Administration & Management161Remote Management161CLI Access161SNMP Configuration162Configuring Time Zone and NTP163Log Configuration1649.5.1 Defining What to Log1659.5.2 Sending Logs to E-mail or Syslog1689.5.3 Event Log Viewer in GUI171Backing up and Restoring Configuration Settings172Upgrading wirelesss controller Firmware173Dynamic DNS Setup174Using Diagnostic Tools1759.9.1 Ping1769.9.2 Trace Route1769.9.3 DNS Lookup1769.9.4 Router Options1779.10 License177Appendix A. Glossary178Appendix B. Factory Default Settings180Figure 1: Setup page for LAN TCP/IP settings13Figure 2: IPv6 LAN and DHCPv6 configuration15Figure 3: Configuring the Router Advertisement Daemon18Figure 4: IPv6 Advertisement Prefix settings19Figure 5: Adding VLAN memberships to the LAN20Figure 6: Port VLAN list21Figure 7: Configuring VLAN membership for a port22Figure 8: DMZ configuration23Figure 9: UPnP Configuration24Figure 10: Active Runtime sessions25Figure 11: WLAN global configuration26Figure 12: Configuring the Wireless Discovery29Figure 13: Wireless Discovery status30Figure 14: AP Profile Global Configuration31Figure 15: AP Profile List33Figure 16: Internet Connection Setup Wizard35Figure 17: Manual Option1 configuration38Figure 18: PPPoE configuration for standard ISPs39Figure 19: Option1 configuration for Japanese Multiple PPPoE (part 1)40Figure 20: Option1 configuration for Multiple PPPoE (part 2)41Figure 21: Russia L2TP ISP configuration42Figure 22: IPv6 WAN Setup page43Figure 23: Connection Status information of Option145Bindings have been defined48destination network49Dynamic routing (RIP)51Figure 27: Static route configuration fields54Figure 28: Physical WAN port settings55Figure 29: Device Status display57Figure 30: Device Status display (continued)58Figure 31: Resource Utilization statistics59Figure 32: Resource Utilization data (continued)59Figure 33: Physical port statistics61Figure 34: List of current Active Firewall Sessions62Figure 35: List of LAN hosts63Figure 36: List of current Active VPN Sessions64Figure 37: AP status65Figure 38: Managed AP status67Figure 39: AP RF Scan Status69Figure 40: Peer Controller Status70Figure 41: Peer Controller Configuration Status71Figure 42: Peer Controller Managed AP Status72Figure 43: Configuration Receive Status74Figure 44: Associated Client Status75Figure 45: Associated Client SSID Status76Figure 46: Associated Client VAP Status77Figure 47: Controller Associated Client Status78Figure 48: Detected Client Status79Figure 49: Pre-Auth History81Figure 50: Detected Client Roam History82Figure 51: Valid Access Point Configuration83Figure 52: Add a Valid Access Point84Figure 53: RF configuration87Figure 54: Channel Plan History89Figure 55: Manual Channel Plan90Figure 56: Manual Power Adjustment Plan92Figure 57: Access Point Software Download93Figure 58: Local OUI Database94Fi gu r e 5 9 : M an a ge d A P S t at is t ic s95Figure 60: WLAN Associated Clients96Figure 61: List of Available Firewall Rules98Figure 62: List of Available Schedules to bind to a firewall rule99(209.156.200.225) to a private DMZ IP address (10.30.30.30)102action, schedules, and specify source/destination IP addresses as needed.103Figure 65: Schedule configuration for the above example.106Figure 66: List of user defined services.107Figure 67: Available ALG support on the controller108Figure 68: Passthrough options for VPN tunnels109Figure 69: List of Available Application Rules showing 4 unique rules110from being downloaded111Figure 71: Two trusted domains added to the Approved URLs List112Figure 72: One keyword added to the block list113Figure 73: Export Approved URL list114and logs will be captured115Figure 75: Protecting the controller and LAN from internet attacks116connected to the Internet117IPsec gateway118Figure 78: VPN Wizard launch screen119Figure 79: IPsec policy configuration122Figure 80: IPsec policy configuration continued (Auto policy via IKE)123Figure 81: IPsec policy configuration continued (Auto / Manual Phase 2)124Figure 82: PPTP tunnel configuration – PPTP Client126Figure 83: PPTP VPN connection status126Figure 84: PPTP tunnel configuration – PPTP Server127Figure 85: L2TP tunnel configuration – L2TP Server128Figure 86: OpenVPN configuration130Figure 87: Example of clientless SSL VPN connections to the DWC-1000132Figure 88: List of groups133Figure 89: User group configuration134Figure 90: SSLVPN Settings135Figure 91: Group login policies options136Figure 92: Browser policies options137Figure 93: IP policies options138Figure 94: Available Users with login status and associated Group139Figure 95: User configuration options140Figure 96: List of SSL VPN polices (Global filter)141Figure 97: SSL VPN policy configuration142Figure 98: List of configured resources, which are available to assign to SSL VPN policies144Figure 99: List of Available Applications for SSL Port Forwarding146Figure 100: SSL VPN client adapter and access configuration147Figure 101: Configured client routes only apply in split tunnel mode148Figure 102: SSL VPN Portal configuration150Figure 103: USB Device Detection152Figure 104: Certificate summary for IPsec and HTTPS management154Fi gu r e 1 0 5: W IDS A P Co nf i g ura t io n157Figure 106: WIDS Client Configuration160Figure 107: Remote Management161Figure 108: SNMP Users, Traps, and Access Control162Figure 109: SNMP system information for this controller163Figure 110: Date, Time, and NTP server setup164Figure 111: Facility settings for Logging166Figure 112: Log configuration options for traffic through controller168Figure 113: E-mail configuration as a Remote Logging option170Figure 114: Syslog server configuration for Remote Logging (continued)171Figure 115: VPN logs displayed in GUI event viewer172overwritten and a reboot173Figure 117: Firmware version information and upgrade option174Figure 118: Dynamic DNS configuration175Figure 119: Controller diagnostics tools available in the GUI176Figure 120: Install License177. Figure 121: After activating the License177Size: 4.47 MBPages: 181Language: EnglishOpen manual